[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0ilCzSTLbNeqNS8aODz2TP-PvsZgSsbxn3AdBOt98Pk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":33,"analysis":54,"fingerprints":356},"link-control-commando","Link Control Commando","1.0.0","Anthony Hayes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcommando-seo\u002F","\u003Cp>This plugin monitors the links on your wordpress installation and generate reports based on the findings\u003C\u002Fp>\n","This plugin monitors the links on your wordpress installation and generate reports based on the findings",10,1348,0,"2019-02-14T13:01:00.000Z","5.0.25","3.0.1","",[19,20,21],"backlink-control","commando-seo","link-control","http:\u002F\u002Fanthonyhayes.me\u002Flink-control-commando","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flink-control-commando.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":20,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":24,"avg_patch_time_days":30,"trust_score":31,"computed_at":32},3,30,84,"2026-04-05T17:19:10.383Z",[34],{"slug":35,"name":36,"version":6,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":13,"downloaded":41,"rating":13,"num_ratings":13,"last_updated":42,"tested_up_to":43,"requires_at_least":44,"requires_php":45,"tags":46,"homepage":51,"download_link":52,"security_score":53,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"tw-link-expiration-manager","TW Link Expiration Manager","Technology Wisdom","https:\u002F\u002Fprofiles.wordpress.org\u002Ftechnologywisdom\u002F","\u003Cp>\u003Cstrong>TW Link Expiration Manager\u003C\u002Fstrong> is a simple yet powerful plugin that lets you control how long your WordPress content remains publicly accessible.\u003Cbr \u002F>\nAdd an expiration date and time to any Posts, Pages, WooCommerce Products and Custom Post Types. Once the expiration time passes, the post will be automatically set to draft and will return a 404 page to visitors.\u003Cbr \u002F>\nPerfect for limited-time offers, announcements, event content, or any posts that should only be live temporarily.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds an “Expiration Time” field to both the post editor and Quick Edit panel\u003C\u002Fli>\n\u003Cli>Automatically sets posts to \u003Cstrong>draft\u003C\u002Fstrong> after expiration\u003C\u002Fli>\n\u003Cli>Expired posts show a 404 page instead of the content\u003C\u002Fli>\n\u003Cli>Works with \u003Cstrong>all public post types\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>No setup or configuration required. Just install and go\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPL-2.0+ License. You can freely use, modify, and distribute it under the terms of this license. See the full license at: https:\u002F\u002Fopensource.org\u002Flicenses\u002FGPL-2.0\u003C\u002Fp>\n","Adds an Expiration Time for posts, pages, WooCommerce products and custom post types URLs.",282,"2025-12-02T10:06:00.000Z","6.9.4","5.0","7.4",[47,48,21,49,50],"auto-draft","expire-post","post-expiration","time-based-post","https:\u002F\u002Ftechnologywisdom.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftw-link-expiration-manager.1.0.0.zip",100,{"attackSurface":55,"codeSignals":79,"taintFlows":222,"riskAssessment":342,"analyzedAt":355},{"hooks":56,"ajaxHandlers":75,"restRoutes":76,"shortcodes":77,"cronEvents":78,"entryPointCount":13,"unprotectedCount":13},[57,63,69,73],{"type":58,"name":59,"callback":60,"file":61,"line":62},"filter","cron_schedules","lla_every_five_minutes","ctrls\\LLA.php",5,{"type":64,"name":65,"callback":66,"file":67,"line":68},"action","admin_enqueue_scripts","__enqueue__","ctrls\\LLACSS.php",9,{"type":64,"name":70,"callback":71,"file":72,"line":11},"admin_menu","__menu__","ctrls\\LLADashboard.php",{"type":64,"name":65,"callback":66,"file":74,"line":68},"ctrls\\LLAJS.php",[],[],[],[],{"dangerousFunctions":80,"sqlUsage":81,"outputEscaping":212,"fileOperations":13,"externalRequests":220,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":221},[],{"prepared":82,"raw":83,"locations":84},49,61,[85,88,90,92,94,96,98,100,102,106,110,112,113,115,117,119,121,123,125,127,129,131,133,135,137,138,140,143,146,148,150,152,154,156,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,187,189,191,193,195,197,199,201,203,205,207,209],{"file":61,"line":86,"context":87},28,"$wpdb->get_row() with variable interpolation",{"file":61,"line":89,"context":87},73,{"file":61,"line":91,"context":87},111,{"file":61,"line":93,"context":87},198,{"file":61,"line":95,"context":87},217,{"file":61,"line":97,"context":87},260,{"file":61,"line":99,"context":87},283,{"file":61,"line":101,"context":87},311,{"file":103,"line":104,"context":105},"ctrls\\LLATableAnchor.php",94,"$wpdb->get_var() with variable interpolation",{"file":107,"line":108,"context":109},"ctrls\\LLATableDomains.php",55,"$wpdb->query() with variable interpolation",{"file":107,"line":111,"context":109},56,{"file":107,"line":31,"context":105},{"file":114,"line":83,"context":87},"ctrls\\LLATableLinks.php",{"file":114,"line":116,"context":109},72,{"file":114,"line":118,"context":87},76,{"file":114,"line":120,"context":87},81,{"file":114,"line":122,"context":105},142,{"file":114,"line":124,"context":105},152,{"file":114,"line":126,"context":105},159,{"file":114,"line":128,"context":105},166,{"file":114,"line":130,"context":105},173,{"file":114,"line":132,"context":105},179,{"file":114,"line":134,"context":105},185,{"file":114,"line":136,"context":105},191,{"file":114,"line":93,"context":105},{"file":114,"line":139,"context":105},203,{"file":141,"line":142,"context":105},"ctrls\\LLATablePost.php",78,{"file":144,"line":145,"context":109},"ctrls\\LLATableUniqueLinks.php",71,{"file":144,"line":147,"context":105},109,{"file":144,"line":149,"context":105},117,{"file":144,"line":151,"context":105},122,{"file":144,"line":153,"context":105},127,{"file":144,"line":155,"context":105},132,{"file":144,"line":157,"context":105},137,{"file":159,"line":68,"context":105},"views\\analysis.php",{"file":159,"line":161,"context":105},13,{"file":159,"line":163,"context":105},14,{"file":159,"line":165,"context":105},17,{"file":159,"line":167,"context":105},18,{"file":159,"line":169,"context":105},19,{"file":159,"line":171,"context":105},20,{"file":159,"line":173,"context":105},21,{"file":159,"line":175,"context":105},22,{"file":159,"line":177,"context":105},23,{"file":159,"line":179,"context":105},24,{"file":159,"line":181,"context":87},25,{"file":159,"line":183,"context":87},27,{"file":159,"line":185,"context":87},29,{"file":159,"line":30,"context":87},{"file":159,"line":188,"context":87},31,{"file":159,"line":190,"context":105},32,{"file":159,"line":192,"context":105},33,{"file":159,"line":194,"context":105},34,{"file":159,"line":196,"context":105},35,{"file":159,"line":198,"context":105},36,{"file":159,"line":200,"context":105},38,{"file":159,"line":202,"context":105},39,{"file":159,"line":204,"context":105},40,{"file":159,"line":206,"context":105},41,{"file":159,"line":208,"context":105},42,{"file":159,"line":210,"context":211},53,"$wpdb->get_results() with variable interpolation",{"escaped":200,"rawEcho":213,"locations":214},2,[215,218],{"file":216,"line":11,"context":217},"views\\table-links.php","raw output",{"file":219,"line":11,"context":217},"views\\table-unique-links.php",1,[],[223,240,248,262,270,280,288,298,306,316,324,334],{"entryPoint":224,"graph":225,"unsanitizedCount":220,"severity":239},"\u003Ctable-links> (views\\table-links.php:0)",{"nodes":226,"edges":236},[227,231],{"id":228,"type":229,"label":230,"file":216,"line":29},"n0","source","$_POST",{"id":232,"type":233,"label":234,"file":216,"line":11,"wp_function":235},"n1","sink","echo() [XSS]","echo",[237],{"from":228,"to":232,"sanitized":238},false,"low",{"entryPoint":241,"graph":242,"unsanitizedCount":220,"severity":239},"\u003Ctable-unique-links> (views\\table-unique-links.php:0)",{"nodes":243,"edges":246},[244,245],{"id":228,"type":229,"label":230,"file":219,"line":29},{"id":232,"type":233,"label":234,"file":219,"line":11,"wp_function":235},[247],{"from":228,"to":232,"sanitized":238},{"entryPoint":249,"graph":250,"unsanitizedCount":220,"severity":261},"prepare_items (ctrls\\LLATableAnchor.php:76)",{"nodes":251,"edges":259},[252,255],{"id":228,"type":229,"label":253,"file":103,"line":254},"$_REQUEST",86,{"id":232,"type":233,"label":256,"file":103,"line":257,"wp_function":258},"get_results() [SQLi]",93,"get_results",[260],{"from":228,"to":232,"sanitized":238},"high",{"entryPoint":263,"graph":264,"unsanitizedCount":220,"severity":261},"\u003CLLATableAnchor> (ctrls\\LLATableAnchor.php:0)",{"nodes":265,"edges":268},[266,267],{"id":228,"type":229,"label":253,"file":103,"line":254},{"id":232,"type":233,"label":256,"file":103,"line":257,"wp_function":258},[269],{"from":228,"to":232,"sanitized":238},{"entryPoint":271,"graph":272,"unsanitizedCount":220,"severity":261},"prepare_items (ctrls\\LLATableDomains.php:75)",{"nodes":273,"edges":278},[274,276],{"id":228,"type":229,"label":253,"file":107,"line":275},87,{"id":232,"type":233,"label":256,"file":107,"line":277,"wp_function":258},97,[279],{"from":228,"to":232,"sanitized":238},{"entryPoint":281,"graph":282,"unsanitizedCount":220,"severity":261},"\u003CLLATableDomains> (ctrls\\LLATableDomains.php:0)",{"nodes":283,"edges":286},[284,285],{"id":228,"type":229,"label":253,"file":107,"line":275},{"id":232,"type":233,"label":256,"file":107,"line":277,"wp_function":258},[287],{"from":228,"to":232,"sanitized":238},{"entryPoint":289,"graph":290,"unsanitizedCount":68,"severity":261},"prepare_items (ctrls\\LLATableLinks.php:122)",{"nodes":291,"edges":296},[292,294],{"id":228,"type":229,"label":293,"file":114,"line":155},"$_REQUEST (x9)",{"id":232,"type":233,"label":256,"file":114,"line":295,"wp_function":258},151,[297],{"from":228,"to":232,"sanitized":238},{"entryPoint":299,"graph":300,"unsanitizedCount":68,"severity":261},"\u003CLLATableLinks> (ctrls\\LLATableLinks.php:0)",{"nodes":301,"edges":304},[302,303],{"id":228,"type":229,"label":293,"file":114,"line":155},{"id":232,"type":233,"label":256,"file":114,"line":295,"wp_function":258},[305],{"from":228,"to":232,"sanitized":238},{"entryPoint":307,"graph":308,"unsanitizedCount":220,"severity":261},"prepare_items (ctrls\\LLATablePost.php:60)",{"nodes":309,"edges":314},[310,312],{"id":228,"type":229,"label":253,"file":141,"line":311},70,{"id":232,"type":233,"label":256,"file":141,"line":313,"wp_function":258},77,[315],{"from":228,"to":232,"sanitized":238},{"entryPoint":317,"graph":318,"unsanitizedCount":220,"severity":261},"\u003CLLATablePost> (ctrls\\LLATablePost.php:0)",{"nodes":319,"edges":322},[320,321],{"id":228,"type":229,"label":253,"file":141,"line":311},{"id":232,"type":233,"label":256,"file":141,"line":313,"wp_function":258},[323],{"from":228,"to":232,"sanitized":238},{"entryPoint":325,"graph":326,"unsanitizedCount":62,"severity":261},"prepare_items (ctrls\\LLATableUniqueLinks.php:90)",{"nodes":327,"edges":332},[328,330],{"id":228,"type":229,"label":329,"file":144,"line":53},"$_REQUEST (x5)",{"id":232,"type":233,"label":256,"file":144,"line":331,"wp_function":258},116,[333],{"from":228,"to":232,"sanitized":238},{"entryPoint":335,"graph":336,"unsanitizedCount":62,"severity":261},"\u003CLLATableUniqueLinks> (ctrls\\LLATableUniqueLinks.php:0)",{"nodes":337,"edges":340},[338,339],{"id":228,"type":229,"label":329,"file":144,"line":53},{"id":232,"type":233,"label":256,"file":144,"line":331,"wp_function":258},[341],{"from":228,"to":232,"sanitized":238},{"summary":343,"deductions":344},"The plugin \"link-control-commando\" v1.0.0 exhibits a generally good security posture in several areas, notably with a high percentage of properly escaped outputs and no file operations or external HTTP requests that would typically be flagged. The absence of known CVEs and historical vulnerabilities is also a positive indicator, suggesting a proactive approach to security or a lack of past issues.\n\nHowever, significant concerns arise from the static analysis. The 10 identified high-severity taint flows with unsanitized paths are a critical red flag. This indicates that user-supplied data is not being properly validated or cleaned before being used, potentially leading to injection vulnerabilities. Furthermore, the complete lack of nonce checks and capability checks, combined with the absence of any authenticated entry points (AJAX, REST API, shortcodes, cron events), is unusual. While this limits the attack surface from traditional vectors, it also means that any function that *does* exist (even if not explicitly listed as an entry point) might be callable without proper authorization or integrity checks if it's invoked indirectly.\n\nThe substantial number of SQL queries, with a significant portion not using prepared statements (55%), also presents a risk. While not all of these may be directly exploitable due to the lack of explicit entry points, it increases the potential for SQL injection if any of these queries are ever exposed to unsanitized input. The vulnerability history is clean, which is encouraging, but the code-level risks identified in the static analysis warrant careful attention and remediation.",[345,348,351,353],{"reason":346,"points":347},"High severity unsanitized taint flows",15,{"reason":349,"points":350},"Missing nonce checks",8,{"reason":352,"points":350},"Missing capability checks",{"reason":354,"points":62},"SQL queries without prepared statements","2026-03-17T01:00:30.011Z",{"wat":357,"direct":366},{"assetPaths":358,"generatorPatterns":361,"scriptPaths":362,"versionParams":364},[359,360],"\u002Fwp-content\u002Fplugins\u002Flink-control-commando\u002Fassets\u002Fcss\u002Flla-admin.css","\u002Fwp-content\u002Fplugins\u002Flink-control-commando\u002Fassets\u002Fjs\u002Floader.js",[],[363],"assets\u002Fjs\u002Floader.js",[365],"LLA-VERSION",{"cssClasses":367,"htmlComments":369,"htmlAttributes":370,"restEndpoints":371,"jsGlobals":372,"shortcodeOutput":374},[368],"LLA-SLUG",[],[],[],[373],"lba_ajax_object",[]]